Exam 350-501 topic 1 question 34 discussion

C is Correct not B! https://www.ccexpert.us/cisco-secure/configuring-tacacs-on-cisco-ios.html

Answer: C tacacs-server host 192.168.1.2 single-connection This command is used to specify the IP address of the TACACS+ server1. The single-connection keyword means that the router will maintain a single, persistent connection to the TACACS+ server2. This can be more efficient than opening and closing a connection for each authentication request. tacacs-server key ciscotest This command sets ciscotest as the encryption key13. This key is used to encrypt all exchanges between the router (the network access server) and the TACACS+ server13.

single-connection (Optional) Used to specify a single connection. Rather than have the router open and close a TCP connection to the daemon each time it must communicate, the single-connection option maintains a single open connection between the router and the daemon. This is more efficient because it allows the daemon to handle a higher number of TACACS operations.

C is Correct, please adjust right answer to C.

A and D are wrong for starters because single-connection keeps the tcp session open constantly not ever time authentication or authorization is needed. B - this is very strange wording, but the password ciscotest has nothing to do with the login of the network administrator, this is tacacs server authentication password not the user. C - this is the correct answer.

B is the correct answer. Key = (Optional) Specify an authentication and encryption key. This must match the key used by the TACACS+ daemon. Specifying this key overrides the key set by the global command tacacs-server key for this server only. B and C has that the single connection is opened between the router and the TACAS+ server, but to access the server , you need to login with the key specified

We dont' care which user will be connected to te router (admin, user...)

Command: tacacs-server key -- Sets the encryption key to match that used on the TACACS+ daemon. Command: tacacs-server host single-connection -- the single-connection option maintains a single open connection between the router and the daemon. https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_tacacs/configuration/xe-16-5/sec-usr-tacacs-xe-16-5-book/sec-cfg-tacacs.html

C is correct! single-connection (Optional) Used to specify a single connection. Rather than have the router open and close a TCP connection to the daemon each time it must communicate, the single-connection option maintains a single open connection between the router and the daemon. This is more efficient because it allows the daemon to handle a higher number of TACACS operations. https://www.ccexpert.us/cisco-secure/configuring-tacacs-on-cisco-ios.html

for me C is correct . the tacacs-server key its used for packet encryption between tacacs and router not for user authentication

B is same C but it says access router with password ciscotest. Which is true according to the configuration